Mac OS X Leopard + Apache 2 + SSL + PHP / macports (gd, etc)

Let me share with you how I was able to set up my local development environment using the Mac OS X leopard built-in Apache (2.2.6) web-server.

First of all I have one of the latest macbook pro laptops. These have the core 2 duo intel processors, which are capable of 64 bit operations. (If you have a simple core duo - then it’s 32 bit only and you won’t face the same problems as me.) Unfortunately - as most of you web developers using php have already found out - the Apple supplied php library for apache is really a stripped-down version of PHP 5.2.4. You can figure it out if you run “php -m” in the terminal.

It does not have the GD library, nor postgresql, not even IMAP - and I could go on and on. I was really in need of having the GD library (used for generating graphics runtime). I have tried to compile all from source - but failed (several times).

And then comes the macports project to the rescue! I would not even consider using the Leopard built-in web-server, but unfortunately SSL on the macports apache 2 on leopard (64-bit) fails miserably (google it if interested). Also I do not like how the MAMP / XAMPP projects are working (fixed path in /Applications, etc.). In contrast the Apple apache works with SSL like a charm.

Step by step instructions:

1., As macports right now cannot compile SSL for its apache 2 subpart (on core 2 duo machines at least) I had to figure out a way to get the Apple supplied apache server to have SSL. As you know for SSL to work you need to generate a self-signed certificate (or buy one from godaddy or verisign or whatever root cert auth. you fancy). This is how you do that.

a., Instructions on generating and setting up ssl on OS X by Apple
b., in Terminal type:

openssl genrsa -des3 -out server.key 1024
> [enter your passphrase, a simple password we will remove soon]
openssl req -new -key server.key -out server.csr
> [you can accept all the defaults, it does not matter, or customize it to your liking]
openssl x509 -req -days 3650 -in server.csr -signkey server.key -out server.crt
> [will ask for passphrase]
cp server.key server.key.bak
openssl rsa -in server.key.bak -out server.key
> [passphrase needs to be typed]

OK, so now you have 4 files in your directory, but you only need server.key and server.crt Copy them to /etc/apache2 as root (”sudo -s” first and then your password in terminal)

c., download self signed keys - Please only use them for local development and testing, do not use onthis on production websites! Copy them to the previously mentioned place.

2., Now we have the ssl certificates, and need to setup apache on OS X. As you know the local web server (apache) is turned on/off in the system preferences menu / sharing / web sharing check box. Turn it off. You need to have server.crt and server.key in /etc/apache2. Check it.

In terminal type nano /etc/apache2/httpd.conf
Find the line that says “#LoadModule ssl_module libexec/apache2/mod_ssl.so” and delete the # before it. Save it by hitting ctrl+O. Ctrl+X to exit.

Check that the line Include “/private/etc/apache2/extra/httpd-ssl.conf” line is in there. Itis towards the bottom. I think by default it is there, but please check.

In terminal type nano /etc/apache2/extra/httpd-ssl.conf
You need to uncomment and edit the line that starts with

SSLCertificateFile
To this:
SSLCertificateFile “/private/etc/apache2/server.crt”

And the line that starts with

SSLCertificateKeyFile
To this:
SSLCertificateKeyFile “/private/etc/apache2/server.key”

Save with ctrl+O, then exit with ctrl+X.

3., That’s it. Now you can turn web-sharing back on in the preferences panel. I think by default if you now enter http://localhost or https://localhost into your browser you should see the documents from under /Library/WebServer/Documents to come up onto your screen. I have made some further adjustments to the apache config files so that whenever I type in localhost or https://localhost all the files are coming from my home/Sites (/Users/your user name/Sites) directory - this is not documented here, but should be pretty simple for all of you to achieve.

4., So now we have SSL - it means we can now move onto getting a new php version with macports. The main drawback of using macports at the moment is that it only compiles stuff in 32 bit. As Leopard now supports 64 bit quite well - they even have the built in apache webserver in 32 / 64 bit for intel / powerpc - if you have a core2duo intel prcessor we need to make sure apache only has 32 bit for the following to work.

First turn off web-sharing in preferences if it’s on.
Then in terminal go like:

sudo -s
> [password]
cd /usr/sbin
cp httpd httpd.bak
rm httpd
lipo httpd.bak -thin i386 -output httpd

Now switch back the web-sharing and check if it still works. Apache is now running in 32 bit mode. with ssl.

5., Installing macports and compiling php with mysql / gd / etc.

This will take some time. First of all install the Xcode tools from your leopard disk, and also install the X11 SDK as well (the GD library needs that!) Then you can download and install macports. Get the version with leopard (10.5) support.

After installing you should make sure that macports is in the path. I have created a ~/.bash_profile file (in my home folder) and added the following to the top:

PATH=/opt/local/bin:/opt/local/sbin:$PATH

As macports will install all its files to the /opt/local directory you do not need to worry about OS X updates overwriting these files ever. You can also try a program called PortAuthority which is made for managing the macports packages in a nice graphical interface. I have it installed on my system, but never really relied on it.

So now you should basically be able to run a port version command in terminal which should spit out something like “Version: 1.5xxx”

As a normal user in terminal do this:

sudo port selfupdate (and then your password, this will update the base packages)
sudo port install mysql5 (wait… it fetches and compiles all stuff needed)
sudo port install apache2 +no_startupitem (do not start automatically - we will not use it)
sudo port install php5 +apache2 +mysql5 +sqlite (then wait a long time…)

Now we should have the php5 binary compiled with all kinds of goodness and installed into /opt/local/apache2/modules/libphp5.so

All we need to do to have it in the apple apache2 instead of the stock apple php one is to change /add a line in /etc/apache2/httpd.conf

LoadModule php5_module /opt/local/apache2/modules/libphp5.so

Save and done. Restart the local web server (same thing in preferences / sharing / web sharing tick off then on). You now have php5 installed with ssl on your Leopard. Nice and easy. Kind of

6., There might be problems with macports installing and configuring all the stuff, you can issue a sudo port clean (package name) anytime if something went wrong. Also some php5 init variables might need some customization I am not talking about right now - for instance having your local php connect through a UNIX socket to your local (macports installd) mysql. Etc.

This is not for the faint of heart. I know, I have had my share of mistakes before I could come to find this (working!) solution, but if you’re doing serious PHP development work on a Macintosh give it a try. There are no such tested and complete guides on the internet like this one. If you run into some troubles or errors - please comment here and I will fix it as soon as possible. Thanks, and I hope this all makes your day a bit happier.